/// <summary>
/// Asks dbo.usp_ReseteoWebVerificarUsuario whether <paramref name="userName"/> is enabled to
/// reset or unlock a Windows user (UW) and has no absence registered for the day. The
/// eligibility rules live in the stored procedure; this method only maps its result set.
/// </summary>
/// <param name="userName">Windows account name, sent to the procedure as @UW.</param>
/// <param name="domainId">Domain identifier, sent to the procedure as @dom_id.</param>
/// <returns>
/// The employee record built from the procedure's row, or <c>null</c> when no row comes back.
/// If the procedure returns several rows, the last one wins.
/// </returns>
public static EmpleadoReseteoBE VirifyUser(string userName, int domainId)
{
    EmpleadoReseteoBE employee = null;
    string cnnString = Common.GetCnn(Common.CnnStringNameMeucci).ConnectionString;

    using (var connection = new SqlConnection(cnnString))
    using (var command = new SqlCommand("dbo.usp_ReseteoWebVerificarUsuario", connection))
    {
        command.CommandType = System.Data.CommandType.StoredProcedure;

        // Parameterised call: the caller-supplied user name never becomes part of SQL text.
        command.Parameters.AddWithValue("@UW", userName);
        command.Parameters.AddWithValue("@dom_id", domainId);

        connection.Open();
        using (IDataReader row = command.ExecuteReader())
        {
            while (row.Read())
            {
                employee = new EmpleadoReseteoBE
                {
                    Legajo = Convert.ToInt32(row["Legajo"]),
                    CAIS = Convert.ToBoolean(row["CAIS"]),
                    Cuenta = row["Cuenta"].ToString(),
                    Cargo = row["Cargo"].ToString(),
                    // NOTE(review): Emp_id is filled from the Legajo column as well; no Emp_id
                    // column is read here. Confirm this is intended and not a copy/paste slip.
                    Emp_id = Convert.ToInt32(row["Legajo"]),
                    DomainId = domainId,
                    WindowsUser = userName
                };
            }
        }

        return employee;
    }
}
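/// <summary>
/// Issues an HS256-signed JWT describing the employee returned by the reset-user lookup.
/// Secret, audience, issuer and lifetime come from appSettings: JWT_SECRET_KEY,
/// JWT_AUDIENCE_TOKEN, JWT_ISSUER_TOKEN and JWT_EXPIRE_MINUTES.
/// </summary>
/// <remarks>
/// The token is signed, not encrypted: every claim below (account, legajo, cargo, CAIS,
/// isRessetUser) is readable by anyone holding the token. Callers issue a token even when
/// <c>isRessetUser</c> is false, so consumers must check that claim rather than treat the
/// mere presence of a valid token as authorisation to reset accounts.
/// </remarks>
/// <param name="empleado">Employee whose identity claims go into the token. Must not be null.</param>
/// <returns>The compact-serialised JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="empleado"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// JWT_SECRET_KEY is missing or shorter than 32 bytes, or JWT_EXPIRE_MINUTES is not a positive integer.
/// </exception>
public static string GenerateTokenJwt(EmpleadoReseteoBE empleado)
{
    if (empleado == null)
    {
        throw new ArgumentNullException("empleado");
    }

    var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
    // Audience = the party expected to consume/validate the token; issuer = the party
    // that minted it. (The original inline comments had these two swapped.)
    var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
    var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
    var expireSetting = ConfigurationManager.AppSettings["JWT_EXPIRE_MINUTES"];

    if (string.IsNullOrEmpty(secretKey))
    {
        throw new InvalidOperationException("JWT_SECRET_KEY is not configured.");
    }

    // Parse culture-invariantly and reject 0/negative: the original accepted any integer, so a
    // misconfigured value silently produced tokens that were already expired (or never expired).
    int expireMinutes;
    if (!int.TryParse(expireSetting, NumberStyles.Integer, CultureInfo.InvariantCulture, out expireMinutes) || expireMinutes <= 0)
    {
        throw new InvalidOperationException("JWT_EXPIRE_MINUTES must be a positive integer number of minutes.");
    }

    // UTF-8 instead of Encoding.Default: on .NET Framework Default is the host's ANSI code page,
    // so the same secret could yield different key bytes on different machines, and the
    // validator must derive the key identically. For ASCII-only secrets the bytes are the same
    // as before; a consumer that uses Encoding.Default on a non-ASCII secret must change in step.
    byte[] keyBytes = Encoding.UTF8.GetBytes(secretKey);
    // RFC 7518 §3.2 requires an HS256 key of at least 256 bits; shorter secrets are brute-forceable offline.
    if (keyBytes.Length < 32)
    {
        throw new InvalidOperationException("JWT_SECRET_KEY must be at least 32 bytes long for HS256.");
    }

    var signingCredentials = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256Signature);

    var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, empleado.WindowsUser) });
    identity.AddClaim(new Claim(ClaimTypes.WindowsAccountName, empleado.WindowsUser));
    identity.AddClaim(new Claim("Emp_id", empleado.Emp_id.ToString()));
    identity.AddClaim(new Claim("Legajo", empleado.Legajo.ToString()));
    identity.AddClaim(new Claim("dom_id", empleado.DomainId.ToString()));
    identity.AddClaim(new Claim("cuenta", empleado.Cuenta));
    identity.AddClaim(new Claim("cargo", empleado.Cargo));
    identity.AddClaim(new Claim("CAIS", empleado.CAIS.ToString()));
    identity.AddClaim(new Claim("isRessetUser", empleado.isRessetUser.ToString()));

    // One timestamp for nbf and exp so the lifetime is exactly expireMinutes.
    DateTime now = DateTime.UtcNow;
    var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
    var token = handler.CreateJwtSecurityToken(
        audience: audienceToken,
        issuer: issuerToken,
        subject: identity,
        notBefore: now,
        expires: now.AddMinutes(expireMinutes),
        signingCredentials: signingCredentials);

    return handler.WriteToken(token);
}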
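/// <summary>
/// Issues an HS256-signed JWT for the Meucci API using the secret, audience, issuer and
/// lifetime from <c>apiAppSettings.serverSettings.apiConfig</c>.
/// </summary>
/// <remarks>
/// Unlike <c>GenerateTokenJwt</c> this token carries no <c>isRessetUser</c> claim; the claim
/// set is left as it was so existing consumers keep seeing the same payload.
/// </remarks>
/// <param name="emmpleadoBE">Employee whose identity claims go into the token. Must not be null.</param>
/// <returns>The compact-serialised JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="emmpleadoBE"/> is null.</exception>
/// <exception cref="InvalidOperationException">The configured secret is shorter than 32 bytes.</exception>
public static string GenerateTokenMeucci(EmpleadoReseteoBE emmpleadoBE)
{
    // The original built the Name claim from emmpleadoBE *before* its null check, so a null
    // argument threw NullReferenceException and the guarded branch was dead code.
    if (emmpleadoBE == null)
    {
        throw new ArgumentNullException("emmpleadoBE");
    }

    var config = apiAppSettings.serverSettings.apiConfig;

    // Encoding.ASCII replaces every non-ASCII character of the secret with '?', silently
    // shrinking the key's entropy. Kept because the token consumer must derive the key the same
    // way; operators should make sure api_secretKey is ASCII-only and at least 32 characters.
    byte[] key = Encoding.ASCII.GetBytes(config.api_secretKey);
    // RFC 7518 §3.2 requires an HS256 key of at least 256 bits.
    if (key.Length < 32)
    {
        throw new InvalidOperationException("api_secretKey must be at least 32 bytes long for HS256.");
    }

    var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, emmpleadoBE.WindowsUser) });
    identity.AddClaim(new Claim(ClaimTypes.WindowsAccountName, emmpleadoBE.WindowsUser));
    identity.AddClaim(new Claim("Emp_id", emmpleadoBE.Emp_id.ToString()));
    identity.AddClaim(new Claim("Legajo", emmpleadoBE.Legajo.ToString()));
    identity.AddClaim(new Claim("dom_id", emmpleadoBE.DomainId.ToString()));
    identity.AddClaim(new Claim("cuenta", emmpleadoBE.Cuenta));
    identity.AddClaim(new Claim("cargo", emmpleadoBE.Cargo));
    identity.AddClaim(new Claim("CAIS", emmpleadoBE.CAIS.ToString()));

    // One timestamp for nbf and exp so the lifetime is exactly api_expireTime minutes.
    DateTime now = DateTime.UtcNow;
    var descriptor = new SecurityTokenDescriptor
    {
        Audience = config.api_audienceToken,
        Issuer = config.api_issuerToken,
        Subject = identity,
        NotBefore = now,
        Expires = now.AddMinutes(Convert.ToInt32(config.api_expireTime)),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
    };

    var handler = new JwtSecurityTokenHandler();
    var token = handler.CreateToken(descriptor);
    return handler.WriteToken(token);
}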
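/// <summary>
/// Authenticates a user against Active Directory, looks up its Meucci reset profile and
/// returns a JWT. A token is issued even when the user is unknown to Meucci or not enabled;
/// in that case <c>isRessetUser</c> is false and the client is expected to act on it.
/// </summary>
/// <param name="login">Credentials and domain supplied by the client.</param>
/// <returns>
/// 400 when the request, user name or password is missing; 401 when the directory rejects the
/// credentials or reports anything other than a successful logon; otherwise 200 with the JWT.
/// </returns>
public HttpResponseMessage Authenticate(LoginRequest login)
{
    if (login == null || string.IsNullOrEmpty(login.username))
    {
        return apiHelper.fromEx(new HttpResponseException(HttpStatusCode.BadRequest));
    }

    // Never forward an empty password to the directory: an LDAP simple bind with an empty
    // password can succeed as an anonymous/unauthenticated bind depending on server settings,
    // and whether User_Logon guards against that is not visible from here.
    if (string.IsNullOrEmpty(login.password))
    {
        return apiHelper.fromEx(new HttpResponseException(HttpStatusCode.BadRequest));
    }

    try
    {
        var domName = ActiveDirectoryService.Get_correct_DomainName(login.domain);
        var res = ActiveDirectoryService.User_Logon(login.username, login.password, domName);

        // NOTE(review): the two messages below let a caller tell "unknown user" from "wrong
        // password" (user-name enumeration), and the second echoes the caller-supplied domain.
        // Texts are left unchanged because the client may display them; collapsing both into
        // one generic message is recommended.
        if (res == null || res.LogResult == "LOGIN_USER_OR_PASSWORD_INCORRECT")
        {
            return apiHelper.fromErrorString("El usuario y/o contraseña es incorrecto ", HttpStatusCode.Unauthorized);
        }
        if (res.LogResult == "LOGIN_USER_DOESNT_EXIST")
        {
            return apiHelper.fromErrorString("El usuario no existe en el dominio " + login.domain, HttpStatusCode.Unauthorized);
        }

        // Fail closed. The original only rejected the two results above, so any other outcome
        // (locked account, expired password, directory error, unexpected result code) fell
        // through and got a token. Autenticated is the flag the original commented-out check
        // used — confirm it is set only on a successful bind.
        if (!res.Autenticated)
        {
            return apiHelper.fromErrorString("El usuario y/o contraseña es incorrecto ", HttpStatusCode.Unauthorized);
        }

        // Directory check passed: resolve the domain and the user's Meucci reset profile.
        // NOTE(review): the raw login.domain is used here rather than the normalised domName
        // returned by Get_correct_DomainName; confirm GetDimainId expects the raw form.
        int dom_id = MeucciDAC.GetDimainId(login.domain);
        var emmpleadoBE = MeucciDAC.VirifyUser(login.username, dom_id);

        // Spec in the original comments: a null result means "user not registered in Meucci";
        // a null/empty account with CAIS == 0 means "user not enabled". Both were meant to be
        // rejected (the commented-out 401s), but the current contract issues a token with
        // isRessetUser = false instead and leaves the decision to the client.
        if (emmpleadoBE == null)
        {
            emmpleadoBE = new EmpleadoReseteoBE
            {
                Emp_id = -1,
                WindowsUser = login.username,
                Legajo = -1,
                CAIS = false,
                isRessetUser = false,
                Cuenta = "",
                Cargo = ""
            };
        }

        emmpleadoBE.isRessetUser = !(string.IsNullOrEmpty(emmpleadoBE.Cuenta) && emmpleadoBE.CAIS == false);
        emmpleadoBE.Dominio = login.domain;

        var token = TokenGenerator.GenerateTokenJwt(emmpleadoBE);
        return apiHelper.fromObject<string>(token);
    }
    catch (Exception ex)
    {
        // NOTE(review): make sure apiHelper.fromEx does not serialise exception messages or
        // stack traces to the client; directory and SQL errors can reveal internal names.
        return apiHelper.fromEx(ex);
    }
}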